When a user of a computerized media device purchases content on line, the content provider may download authorization information to the device in order to enable the user to access the content. The device stores this authorization information securely in data memory, which typically comprises non-volatile memory (NVM), such as flash memory. To prevent the user (or other parties) from changing the authorization information, the information may be digitally signed. An attacker who does not possess the appropriate key will then be unable to alter the authorization information. It is still possible, however, for the attacker to access the NVM and read out and store both the authorization information (which may be encrypted) and the digital signature.
If the authorization information is subsequently changed (to a lower level of authorization, for example, because the user has canceled his subscription to certain content channels or because the user has played an on-line game a certain number of times), new authorization information, with a new signature, will be written to the NVM. An attacker may replace this new authorization information and signature with the old authorization information and signature that he earlier read out and stored. He will then be able to access content for which he is no longer paying. This sort of strategy is known as a “playback attack.”